CVE-2018-4853
Severity CVSS v4.0:
Pending analysis
Type:
CWE-306
Missing Authentication for Critical Function
Publication date:
03/07/2018
Last modified:
17/06/2026
Description
A vulnerability has been identified in SICLOCK TC100 (All versions) and SICLOCK TC400 (All versions). An attacker with network access to port 69/udp could modify the firmware of the device.
Impact
Base Score 3.x
9.80
Severity 3.x
CRITICAL
Base Score 2.0
10.00
Severity 2.0
HIGH
Vulnerable products and versions
| CPE | From | Up to |
|---|---|---|
| cpe:2.3:o:siemens:siclock_tc400_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:siemens:siclock_tc400:-:*:*:*:*:*:*:* | ||
| cpe:2.3:o:siemens:siclock_tc100_firmware:-:*:*:*:*:*:*:* | ||
| cpe:2.3:h:siemens:siclock_tc100:-:*:*:*:*:*:*:* |
To consult the complete list of CPE names with products and versions, see this page



